When attempting to use a custom model instead of DRF's built-in Token, Django tries very hard to include the Token model even if rest_framework.authtoken isn't in INSTALLED_APPS. Attempting to run migrations on a fresh database will explode with a missing user model error, and an already-set-up database will have a Token table added to it (which also means the user model gets an unwanted auth_token OneToOne field on it).

I believe a simple fix for this behaviour is to reinstate the Meta abstract setting in the Token model. I spent a day or so digging for other ways to avoid using Token in the project I was working on and couldn't find anything, but there may also be other fixes.